Validate read() parameters in MergedStream and UTF32Reader implementations (#1544)

Copilot · web-flow · commit e42db3f106ea · 2026-02-24T18:42:31.000-08:00
diff --git a/pom.xml b/pom.xml
@@ -8,12 +8,12 @@
   <parent>
     <groupId>tools.jackson</groupId>
     <artifactId>jackson-base</artifactId>
-    <version>3.2.0-SNAPSHOT</version>
+    <version>3.1.0-SNAPSHOT</version>
   </parent>
   <groupId>tools.jackson.core</groupId>
   <artifactId>jackson-core</artifactId>
   <name>Jackson-core</name>
-  <version>3.2.0-SNAPSHOT</version>
+  <version>3.1.0-SNAPSHOT</version>
   <packaging>jar</packaging>
   <description>Core Jackson processing abstractions (aka Streaming API), implementation for JSON</description>
   <inceptionYear>2007</inceptionYear>
@@ -48,7 +48,13 @@
     <javac.src.version>17</javac.src.version>
     <javac.target.version>17</javac.target.version>
 
-    <!-- Baseline Android SDK compatibility from `jackson-base` -->
+    <!-- Baseline Android SDK compatibility:
+
+         * Jackson 3.0 compatible with Android SDK 26 and up
+      -->
+    <version.android.sdk>34</version.android.sdk>
+    <version.android.sdk.signature>0.12.0</version.android.sdk.signature>
+    <version.plugin.animal-sniffer>1.27</version.plugin.animal-sniffer>
 
     <osgi.export>tools.jackson.core;version=${project.version},
 tools.jackson.core.*;version=${project.version}
@@ -60,7 +66,7 @@ tools.jackson.core.*;version=${project.version}
     <packageVersion.package>${project.groupId}.json</packageVersion.package>
 
     <!-- for Reproducible Builds -->
-    <project.build.outputTimestamp>2026-02-23T20:59:39Z</project.build.outputTimestamp>
+    <project.build.outputTimestamp>2026-01-28T03:43:50Z</project.build.outputTimestamp>
 
     <!-- for validation of JaCoCo execution -->
     <jacocoStrict>false</jacocoStrict>
@@ -363,11 +369,20 @@ tools.jackson.core.*;version=${project.version}
 
       <!-- 16-Nov-2022, tatu: [core#838] add verification of compatibility
            wrt Android SDK versions using AnimalSniffer with "gummy bears" signatures.
+           To be run from CI, but manually with:
+              mvn clean package animal-sniffer:check
         -->
-      <!-- 24-Feb-2026, tatu [core#1545] Starting with 3.2, use common defaults -->
       <plugin>
         <groupId>org.codehaus.mojo</groupId>
         <artifactId>animal-sniffer-maven-plugin</artifactId>
+        <version>${version.plugin.animal-sniffer}</version>
+        <configuration>
+          <signature>
+            <groupId>com.toasttab.android</groupId>
+            <artifactId>gummy-bears-api-${version.android.sdk}</artifactId>
+            <version>${version.android.sdk.signature}</version>
+          </signature>
+        </configuration>
       </plugin>
     </plugins>
   </build>
diff --git a/src/main/java/tools/jackson/core/io/MergedStream.java b/src/main/java/tools/jackson/core/io/MergedStream.java
@@ -1,6 +1,7 @@
 package tools.jackson.core.io;
 
 import java.io.*;
+import java.util.Objects;
 
 /**
  * Simple {@link InputStream} implementation that is used to "unwind" some
@@ -69,6 +70,8 @@ public int available() throws IOException {
 
     @Override
     public int read(byte[] b, int off, int len) throws IOException {
+        Objects.requireNonNull(b, "b");
+        Objects.checkFromIndexSize(off, len, b.length);
         if (_b != null) {
             int avail = _end - _ptr;
             if (len > avail) {
diff --git a/src/main/java/tools/jackson/core/io/UTF32Reader.java b/src/main/java/tools/jackson/core/io/UTF32Reader.java
@@ -1,6 +1,7 @@
 package tools.jackson.core.io;
 
 import java.io.*;
+import java.util.Objects;
 
 
 /**
@@ -112,13 +113,14 @@ public int read() throws IOException {
     @Override
     public int read(char[] cbuf, int start, int len) throws IOException
     {
-        // Already EOF?
-        if (_buffer == null) { return -1; }
-        if (len < 1) { return len; }
+        Objects.requireNonNull(cbuf, "cbuf");
         // Let's then ensure there's enough room...
         if (start < 0 || len < 0 || start > (cbuf.length - len)) {
             reportBounds(cbuf, start, len);
         }
+        // Already EOF?
+        if (_buffer == null) { return -1; }
+        if (len < 1) { return len; }
 
         int outPtr = start;
         final int outEnd = len+start;
diff --git a/src/test/java/tools/jackson/core/unittest/io/MergedStreamTest.java b/src/test/java/tools/jackson/core/unittest/io/MergedStreamTest.java
@@ -54,4 +54,40 @@ void simple() throws Exception
 
         ms.close();
     }
+
+    @Test
+    void parameterValidation() throws Exception
+    {
+        IOContext ctxt = testIOContext();
+        byte[] first = ctxt.allocReadIOBuffer();
+        System.arraycopy("ABC".getBytes("UTF-8"), 0, first, 0, 3);
+        byte[] second = "DEF".getBytes("UTF-8");
+        
+        MergedStream ms = new MergedStream(ctxt, new ByteArrayInputStream(second),
+                                           first, 0, 3);
+        byte[] buffer = new byte[10];
+
+        // Test null byte array
+        assertThrows(NullPointerException.class, () -> {
+            ms.read(null, 0, 5);
+        });
+
+        // Test negative offset
+        assertThrows(IndexOutOfBoundsException.class, () -> {
+            ms.read(buffer, -1, 5);
+        });
+
+        // Test negative length
+        assertThrows(IndexOutOfBoundsException.class, () -> {
+            ms.read(buffer, 0, -1);
+        });
+
+        // Test offset + length > array length
+        assertThrows(IndexOutOfBoundsException.class, () -> {
+            ms.read(buffer, 5, 10);
+        });
+
+        ms.close();
+        ctxt.close();
+    }
 }
diff --git a/src/test/java/tools/jackson/core/unittest/io/UTF32ReaderTest.java b/src/test/java/tools/jackson/core/unittest/io/UTF32ReaderTest.java
@@ -0,0 +1,49 @@
+package tools.jackson.core.unittest.io;
+
+import java.io.*;
+
+import org.junit.jupiter.api.Test;
+
+import tools.jackson.core.io.UTF32Reader;
+import tools.jackson.core.unittest.*;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+class UTF32ReaderTest
+    extends JacksonCoreTestBase
+{
+    @Test
+    void parameterValidation() throws Exception
+    {
+        byte[] input = new byte[] { 
+            0x00, 0x00, 0x00, 0x41,  // 'A'
+            0x00, 0x00, 0x00, 0x42,  // 'B'
+            0x00, 0x00, 0x00, 0x43   // 'C'
+        };
+        UTF32Reader reader = new UTF32Reader(null, new ByteArrayInputStream(input), true,
+                                              input, 0, input.length, true);
+        char[] buffer = new char[10];
+
+        // Test null char array
+        assertThrows(NullPointerException.class, () -> {
+            reader.read(null, 0, 5);
+        });
+
+        // Test negative offset
+        assertThrows(IndexOutOfBoundsException.class, () -> {
+            reader.read(buffer, -1, 5);
+        });
+
+        // Test negative length
+        assertThrows(IndexOutOfBoundsException.class, () -> {
+            reader.read(buffer, 0, -1);
+        });
+
+        // Test offset + length > array length
+        assertThrows(IndexOutOfBoundsException.class, () -> {
+            reader.read(buffer, 5, 10);
+        });
+
+        reader.close();
+    }
+}
